DETAILED ACTION



1. This action is responding to application papers filed on 10-3-2003.

2. Claims 1-32 are pending. Claim 1 has been amended. Claims 1, 7, 14, 20, 25 are independent.



Response to Arguments 



3. Applicant's arguments filed 9/13/2007 have been fully considered but they are not 
persuasive. 

3.1 Applicant argues that the referenced prior art does not disclose, "port opening 
delay" and "port closing delay", (see Remarks Pages 12, 23); "a port closing delay 
time", (see Remarks Page 16)

A delay is defined as the time period between two events. Namely, for the 
opening of a port event, the delay is the time period between a closed port state and an 
open port state. And, for the closing of a port event, the delay is the time period 
between an open port state and a closed port state. The Katz prior art discloses a time 
calculation for opening a port and closing a port. This time calculation includes a time 
delay portion calculation. Katz discloses the calculation of multiple types of delay and 
an opening and closing delay is well known in the art. (see Katz paragraphs [0011] and 
[0012]: multiple types of delay) 

The applicant states that Katz does not disclose "monitoring" on page 13, line 3, 
then applicant states that Katz "monitors" on page 13, line 6. Both statements cannot 
be true. The Katz prior art discloses monitoring to reach a determination for a delay 
value for opening and closing ports (session communications interface). 

In order to adjust a value, the current state of a value namely the delay time (time 
period between closed and opened states or between opened and closed states) must 
first be determined, and then the value can be adjusted. The Katz prior art discloses 
the determination of a port opening time period and a port closing time period. The 
delay value is the time period for a transition from one state to the next state. 

3.2 Applicant argues that the referenced prior art does not disclose, "transmitting 
sessions signals at an increasing rate", (see Remarks Page 14); "signal to cause the 
closing of the port is detected" (see Remarks Page 17);

A session is established between two network connected entities (nodes) indicated 
by the linking of an IP address location and the opening of a port at that particular IP 
address. Therefore, the opening of a port is effectively the establishment of a 
communications session (session signaling). The opening and closing of a port initiates 
and terminates a communications session. The Katz prior art discloses the dynamic 
adjustment (increasing) of session signaling information (session opening and session 
closing), (see Katz paragraph [0013], lines 5-9; paragraph [0030], lines 1-4: dynamically 
adjust port opening, port closing) Any additional functions the Katz prior art discloses 
such as adjustments in timing parameter do not remove the fact that the Katz prior art 
discloses session signaling at a changing (increasing) rate as per claim limitation. 

3.3 Applicant argues the MeLampy et al. reference rejections, (see Remarks Page 
16) 

The MeLampy prior art is not used to supply any noted deficiencies of the Katz 
prior art. There are no deficiencies in the Katz prior art. The Office Action clearly 
states the claims limitations that the MeLampy prior art is used to reject. 

3.4 Applicant argues that the referenced prior art does not disclose, "preselected 
maximum closing delay time", (see Remarks Page 18) 

The Katz prior art discloses a predetermined time parameter value used in the 
monitoring of port opening and closing, (see Katz paragraph [0024], lines 5-9: delay; 
paragraph [0025], lines 7-9: port action (i.e. open, close), predetermined value) 

3.5 Applicant argues that the referenced prior art does not disclose, "determining a 
time when said test signals first pass through said at least one port", (see Remarks 
Page 19) 

The Katz prior art discloses a time stamp for communications that pass through a 
communications session (session signaling) interface. The opening of a port is a 
communications initiation function and is the first signal to pass through a 
communications session interface, (see Katz paragraph [0014], lines 4-9; paragraph 
[0016], lines 5-10: time stamp communications processing; paragraph [0013], lines 5-9; 
paragraph [0030], lines 1-4: session signaling, port opening, port closing, 
communications session established, terminated) 

3.6 Applicant argues that the referenced prior art does not disclose, "measuring the 
effect of the increasing rate of session signals on port closing delays", (see Remarks 
Page 21) 

The Katz prior art discloses monitoring (required for measuring) utilizing time 
stamps for communications whereby determining the effect of session signaling 
(opening ports and closing ports), (see Katz paragraph [0030], lines 1-4; paragraph 
[0034], lines 1-5; paragraph [0024], lines 5-9: monitor, port opening delay, port closing 
delay, communications acknowledgement, delay determination; paragraph [0014], lines 
4-9; paragraph [0016], lines 5-10: time stamp for session communications) 

3.7 Applicant argues "rejection dependent claims", (see Remarks Pages 22, 24, 26) 

The arguments against the dependent claims are based on the arguments for the 
independent claims 20, 25 and 30. Due to the successful responses to the arguments 
against independent claims 20, 25 and 30, the arguments against dependent claims 
21-24, 26-29 and 31-32 have also been successfully responded to. 

3.8 The examiner has considered the applicant's remarks concerning a test method 
for IP packet networks that verifies the proper functioning of a dynamic pinhole filtering 
implementation as well as quantifying network vulnerability statistically, as pinholes are 
opened and closed is described. Specific potential security vulnerabilities that may be 
addressed through testing include: 1) excessive delay in opening pinholes, resulting in 
an unintentional denial of service; 2) excessive delay in closing pinholes, creating a 
closing delay window of vulnerability; 3) measurement of the length of various windows 
of vulnerability; 4) setting a threshold on a window of vulnerability such that it triggers an 
alert when a predetermined value is exceeded; 5) determination of incorrectly allocated 
pinholes, resulting in a denial of service; 6) determining the opening of extraneous 
pinhole/IP address combinations through a firewall which increase the network 
vulnerability through unrecognized backdoors; and 7) determining the inability to 
correlate call state information with dynamically established rules in the firewall. 
Applicant's arguments have thus been fully analyzed and considered but they are not 
persuasive. 

After an additional analysis of the applicant's invention, remarks, and a search of 
the available prior art, it was determined that the current set of prior art consisting of 
Katz (20040039938), Bearden (20020112073), MeLampy (20020112073) and McClure 
(20030195861) discloses the applicant's invention including disclosures in Remarks 
dated September 13, 2007. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

5. Claims 1 - 5, 7 - 12, 14 - 18, 30, 31 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Katz et al. (US PGPUB No. 20040039938). 



Regarding Claim 1, Katz discloses a method of testing a firewall comprising: 

a) transmitting at least one of a session initiation signal to initiate a communications 
session through said firewall and a session termination signal used to terminate 
an established communications session; (see Katz paragraph [0013], lines 5-9; 
paragraph [0030], lines 1-4: session signaling, port opening, port closing, 
communications session established, terminated) and 

b) monitoring to determine from the time of at least one transmitted signal at least 
one of a port opening delay which occurs in regard to opening a port in said 
firewall for a communications session that is being initiated and a port closing 
delay which occurs in regard to closing a port in said firewall when terminating an 
established communications session, (see Katz paragraph [0030], lines 1-4; 
paragraph [0034], lines 1-5; paragraph [0024], lines 5-9: monitor, port opening 
delay, port closing delay, communications acknowledgement, delay 
determination) 

Regarding Claim 2, Katz discloses the method of claim 1, further comprising: 

a) transmitting session signals at an increasing rate through said firewall to cause at 
least one of the opening and closing of ports in said firewall; (see Katz paragraph 
[0013], lines 5-9; paragraph [0030], lines 1-4: dynamically adjust port opening, 
port closing) and 

b) measuring the effect of said increasing rate of session signals on at least one of 
an opening and a closing delay time associated with opening a port and closing a 
port, respectively, in response to transmitted session signals, (see Katz 
paragraph [0030], lines 1-4; paragraph [0034], lines 1-5; paragraph [0024], lines 
5-9: monitor, port opening delay, port closing delay, communications 
acknowledgement, delay determination) 

Regarding Claim 3, Katz discloses the method according to claim 1, wherein said at 
least one of a port opening delay and a port closing delay is a port closing delay, (see 
Katz paragraph [0014], lines 2-8; paragraph [0024], lines 5-9: port closing delay, 
acknowledgement response) 


Regarding Claim 4, Katz discloses the method of claim 3, further comprising: 

a) transmitting session signals at an increasing rate through said firewall to cause at 
least one of the opening and closing of ports in said firewall; (see Katz paragraph 
[0013], lines 5-9; paragraph [0030], lines 1-4: dynamically adjust (i.e. increasing 
rate) port opening, port closing) and 

b) measuring the effect of said increasing rate of session signals on at least one of 
an opening and a closing delay time associated with opening a port and closing a 
port, respectively, in response to said session signals, (see Katz paragraph 
[0030], lines 1-4; paragraph [0034], lines 1-5; paragraph [0024], lines 5-9: 
monitor, port opening delay, port closing delay, communications 
acknowledgement, delay determination) 

Regarding Claim 5, Katz discloses the method of claim 4, further comprising: 



Application/Control Number: 10/679,222 Page 9 

Art Unit: 2136 

determining an average closing delay for each of a plurality of different session 
signaling rates, (see Katz paragraph [0030], lines 1-4: compute timings of port opening, 
closing delays) 

Regarding Claim 7, Katz discloses a method of testing a network firewall comprising: 

a) transmitting a session signal to terminate an ongoing communications session 
being conducted through at least one port of said firewall; (see Katz paragraph 
[0027], lines 6-9: terminate session, port closing) and 

b) measuring a port closing delay time associated with the closing of said at least 
one port following the transmission of said signal to terminate said 
communications session, (see Katz paragraph [0030], lines 1-4; paragraph 
[0034], lines 1-5: monitor, port opening delay, port closing delay, communications 
acknowledgement; paragraph [0027], lines 6-9: session termination, port closing) 

Regarding Claim 8, Katz discloses the method of claim 7, wherein said port closing 
delay is a time period which occurs between the time a signal used to cause the closing 
of the port is detected and said port ceases to allow communications signals to pass 
through from the first side of said firewall to the second side of said firewall, (see Katz 
paragraph [0027], lines 6-9: port closing (i.e. opening, or closing); paragraph [0024], 
lines 5-9: port closing delay determination) 

Regarding Claim 9, Katz discloses the method according to claim 8, further comprising 
the steps of: transmitting test signals at said port prior to the closing of said port; and 
monitoring the port to determine when said test signals cease passing through said port, 
(see Katz paragraph [0024], lines 5-9: time period to measure response 
acknowledgement, port closing delay) 

Regarding Claim 10, Katz discloses the method of claim 7, further comprising: 

a) repeating said initiating transmitting and measuring steps while increasing a rate 
of session signals sent to said firewall to load said firewall; (see Katz paragraph 
[0013], lines 5-9; paragraph [0030], lines 1-4: dynamically adjust (i.e. increasing 
rate) port opening, closing) and 

b) monitoring changes in port closing delay times in response to said increasing rate 
of session signals to determine effect of increasing levels of session signaling on 
closing delay times, (see Katz paragraph [0034], lines 1-5: monitor, port opening 
delay, port closing delay, communications acknowledgement, delay 
determination) 

Regarding Claim 11, Katz discloses the method of claim 10, further comprising: 
determining the level of session signaling that causes a closing delay time which 
exceeds a preselected maximum closing delay time, (see Katz paragraph [0024], lines 
5-9: delay; paragraph [0025], lines 7-9: port action (i.e. open, close), predetermined 
value) 

Regarding Claim 12, Katz discloses the method of claim 10, further comprising: 
determining the amount of firewall processing power required for a particular application 
based on an expected traffic load and said monitored information indicating the effect of 
session signaling of different loads on said closing delay, (see Katz paragraph [0034], 
lines 5-8: load balance processing) 

Regarding Claim 14, Katz discloses a method of testing a network firewall, comprising: 

a) transmitting a session signal to initiate a communications session to be 
conducted through said firewall; (see Katz paragraph [0031], lines 2-4: session 
initiation) 

b) transmitting test signals to at least one port on a first side of said firewall; (see 
Katz paragraph [0013], lines 5-9; paragraph [0030], lines 1-4: port opening, 
closing signals) 

c) determining a time when said test signals first pass through said at least one port, 
said at least one port being opened in response to said signal to initiate a 
communications session; (see Katz paragraph [0030], lines 1-4: time parameter 
utilized to open session) and 

d) determining a port opening delay which occurs in regard to opening a port in said 
firewall for said communications session from said determined time, (see Katz 
paragraph [0024], lines 5-9: port opening delay, acknowledgement response, 
delay determination) 

Regarding Claim 15, Katz discloses the method of claim 14, wherein said port opening 
delay is a time period which occurs between a time a signal used to cause the port for 
said communications session to open is detected and said port allows a signal to pass 
through from the first side of said firewall to the second side of said firewall, (see Katz 
paragraph [0024], lines 5-9: signal, acknowledgment sequence) 

Regarding Claim 16, Katz discloses the method according to claim 15, further 
comprising the step of: 

a) transmitting another session signal to terminate said communications session; 
(see Katz paragraph [0027], lines 6-9: terminate close session) and 

b) monitoring a port closing delay time corresponding to a port closing delay which 
occurs in regard to closing the port in said firewall that was opened for said 
communications session, (see Katz paragraph [0030], lines 1-4; paragraph 
[0034], lines 1-5: monitor, port opening delay, port closing delay, communications 
acknowledgement, delay determination) 

Regarding Claim 17, Katz discloses the method of claim 16, wherein said port closing 
delay is a time period which occurs between the time a signal used to cause the closing 
of the port is detected and said port ceases to allow communications signals to pass 
through from the first side of said firewall to the second side of said firewall, (see Katz 
paragraph [0024], lines 5-9; paragraph [0027], lines 6-9: determine delay, port closing 
communications session terminated) 

Regarding Claim 18, Katz discloses the method of claim 14, further comprising the 
steps of: 

a) transmitting session signals at an increasing rate through said firewall to cause at 
least one of the opening and closing of ports in said firewall; (see Katz paragraph 
[0013], lines 5-9; paragraph [0030], lines 1-4: dynamically adjust (i.e. increasing 
rate) port opening, closing) and 

b) measuring the effect of said increasing rate of session signals on at least one of 
an opening and closing delay time associated with opening and closing ports, 
respectively, in response to said session signals, (see Katz paragraph [0030], 
lines 1-4; paragraph [0034], lines 1-5: monitor, port opening delay, port closing 
delay, communications acknowledgement) 

Regarding Claim 30, Katz discloses a method of testing a firewall, comprising the 
steps of: 

a) transmitting session signals used to control at least one of the establishment and 
termination of communications sessions through said firewall at an increasing 
rate; (see Katz paragraph [0013], lines 5-9; paragraph [0030], lines 1-4: 
dynamically adjust (i.e. increasing rate) port opening, closing rate) and 

b) measuring the effect of the increasing rate of session signals on port closing 
delays associated with the termination of communications sessions through said 
firewall, (see Katz paragraph [0030], lines 1-4; paragraph [0034], lines 1-5: 
monitor, port opening delay, port closing delay, communications 
acknowledgement) 

Regarding Claim 31, Katz discloses the method of claim 30, further comprising; 
determining the session signal rate, which results in a maximum acceptable port closing 
delay being exceeded, (see Katz paragraph [0024], lines 5-9; paragraph [0025], lines 7- 
9: predetermined value for delay) 

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this 
title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a 
whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made. 

7. Claim 6 is rejected under 35 U.S.C. 103(a) as being unpatentable over Katz in 
view of Bearden et al. (US PGPUB No. 20020112073). 

Regarding Claim 6, Katz discloses the method of claim 5, further comprising: the 
average closing delay for a plurality of different session signaling rates, (see Katz 
paragraph [0013], lines 5-9; paragraph [0030], lines 1-4: monitor (i.e. measure) effect of 
port opening and closing for a plurality of port openings, closings) Katz does not 
specifically disclose generating a visual display of a graph. However, Bearden in the 
same field of endeavor, communications (i.e. open, close) port processing, discloses 
wherein further comprising: generating a visual display of a graph, (see Bearden 
paragraph [0230], lines 1-10; paragraph [0231], lines 18-21; paragraph [0232], lines 1-5: 
visual display of network parameters) 

It would have been obvious to one of ordinary skill in the art to modify Katz as 
taught by Bearden to enable the capability to generate a visual display of a graph. One 
of ordinary skill in the art would have been motivated to employ the teachings of 
Bearden in order to the capability for efficient and completeness in monitoring and 
analysis of the performance of network entities, and the integration of network 
measurement, analysis, and visualization of network performance, (see Bearden 
paragraph [0051], lines 1-7: "... Thus, above-cited prior art techniques, while useful in 
particular circumstances, suffer from one or more limitations relating to completeness of 
monitoring or analysis of network entity performance, integration between network 
measurement, analysis and visualization, or in ease of use in connection with a variety 
of multimedia and other non-traditional applications. . . . ") 

8. Claims 13, 19, 32 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Katz in view of MeLampy et al. (US PGPUB No. 20020112073). 

Regarding Claims 13, 19, 32, Katz discloses the method of claims 7, 18, 31. (see Katz 
paragraph [0013], lines 5-9; paragraph [0030], lines 1-4: port opening, closing) Katz 
does not specifically disclose wherein said session signal is at least one of SIP and 
H.323 compliant signals. However, MeLampy in the same field of endeavor, 
communications (i.e. open, close) port processing, discloses wherein said session 
signal is at least one of SIP and H.323 compliant signals, (see MeLampy paragraph 
[0065], lines 1-11; paragraph [0077], lines 1-4; paragraph [0077], lines 10-18; paragraph 
[0085], lines 2-6: session signaling, SIP, H.323) 

It would have been obvious to one of ordinary skill in the art to modify Katz as 
taught by MeLampy to enable the capability whereby a session signal is a SIP and/or 
H.323 compliant signals. One of ordinary skill in the art would have been motivated to 
employ the teachings of MeLampy in order to enable the efficient interoperation of a 
network type switch based on standards for networks communications interoperability, 
(see MeLampy paragraph [0027], lines 9-15: "... For example, to enable proper routing, 
each softswitch would have to share information about circuit availability to ensure 
proper route-around functionality as the network becomes full. Since there are currently 
no standards for accomplishing this, vendors have been building proprietary methods; 
and these proprietary methods may not interoperate correctly, . . . 

9. Claims 20, 21, 25, 26, 27 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Katz in view of McClure et al. (US PGPUB No. 20030195861). 

Regarding Claim 20, Katz discloses a firewall test apparatus, comprising: 
a) a session signaling module for generating session signals used to initiate a 
communications session to be conducted through a firewall to be tested and to 
terminate a communications session after it has been initiated; (see Katz 
paragraph [0026], lines 1-4; paragraph [0027], lines 6-9: initiate communication 
session (i.e. port open) and terminate communications session (i.e. port close)) 

c) a timing synchronization module for synchronizing operation of said firewall test 
apparatus to at least one of an external clock source and another firewall test 
apparatus; (see Katz paragraph [0015], lines 6-9: time synchronization) and 

Katz discloses wherein an analysis module for determining at least a port closing 
delay from a session signal time, and detected to stop passing through a port in said 
firewall, (see Katz paragraph [0024], lines 5-9: port closing delay; paragraph [0027], 
lines 6-9: terminate (i.e. stop) communications session; paragraph [0036], lines 1-2; 
paragraph [0036], lines 6-12: software, module) Katz does not specifically disclose 
a scanning probe generation module for generating probe signals to be directed at 
firewall ports, and time probe signals. 

However, McClure in the same field of endeavor, communications (i.e. open, close) 
port processing, discloses: 

b) a scanning probe generation module for generating probe signals to be directed 
at firewall ports; (see McClure paragraph [0041], lines 11-16; paragraph [0162], 
lines 8-12; paragraph [0171], lines 1-4; paragraph [0172], lines 1-4: probe signal 
capability, port scanning capability) 

d) a time probe signals, (see McClure paragraph [0041], lines 11-16; paragraph 
[0162], lines 8-12; paragraph [0171], lines 1-4; paragraph [0172], lines 1-4: probe 
signal capability, port scanning capability) 

It would have been obvious to one of ordinary skill in the art to modify Katz as 
taught by McClure to enable a scanning probe generation module, and time probe 
signals. One of ordinary skill in the art would have been motivated to employ the 
teachings of McClure in order to enable a quantitative method to objectively 
compare the security of network systems, (see McClure paragraph [0009], lines 
1-11: "... Existing testing methods lack a standard, quantitative method for objectively 
comparing the security of a target network or target computer to other systems. 
Typically, a target network or target computer is ranked only as "high risk," "medium 
risk," or "low risk." However, such a three-tier system alone provides very little 
substantive feedback or comparative information about changes in the network over 
time, the relative weight of different vulnerabilities in determining the resulting risk 
level, or objective assessments of network security among otherwise heterogeneous 
network environment," 

Regarding Claim 21, Katz discloses the firewall test apparatus of claim 20, wherein 
said analysis module further includes means for determining at least a port opening 
delay from a session signal time associated with a session signal used to initiate a 
communications session, (see Katz paragraph [0024], lines 5-9: port opening delay) 
Katz does not specifically disclose time probe signals. However, McClure in the same 
field of endeavor, communications (i.e. open, close) port processing, discloses wherein 
time probe signals, (see McClure paragraph [0041], lines 11-16; paragraph [0162], 
lines 8-12; paragraph [0171], lines 1-4; paragraph [0172], lines 1-4: probe signal 
capability, port scanning capability) 

It would have been obvious to one of ordinary skill in the art to modify Katz as 
taught by McClure to enable the capability for time probe signals to start passing 
through a port. One of ordinary skill in the art would have been motivated to employ the 
teachings of McClure in order to enable a quantitative method to objectively compare 
the security of network systems, (see McClure paragraph [0009], lines 1-11) 

Regarding Claim 25, Katz discloses a firewall test system for testing a firewall, 
comprising; 

Katz discloses wherein a test signal generator for generating communications 
session initiation signals. And, a test signal analyzer for detecting probe signals 
passing through said first side of said firewall to said second side of said firewall and 
for determining port closing delays as measured from the time the test signal 
analyzer detects a signal used to close a port in said firewall and said analyzer 
ceases to detect test signals passing through said firewall (see Katz paragraph 
[0013], lines 5-9; paragraph [0026], lines 1-4: test signals to communications session 
initiation signals, port open) Katz does not specifically disclose probe signals 
directed at a first side of said firewall. 

However, McClure in the same field of endeavor, communications (i.e. open, close) 
port processing, discloses: 

a) probe signals directed at a first side of said firewall; (see McClure paragraph 
[0041], lines 11-16; paragraph [0162], lines 8-12; paragraph [0171], lines 1-4; 
paragraph [0172], lines 1-4: probe signal capability, port scanning capability) 

b) probe signals (see Katz paragraph [0027], lines 6-9; paragraph [0024], lines 5-9: 
port open, close delays) 

It would have been obvious to one of ordinary skill in the art to modify Katz as 
taught by McClure to enable the capability for probe signals. One of ordinary skill in 
the art would have been motivated to employ the teachings of McClure in order to 
enable a quantitative method to objectively compare the security of network 
systems, (see McClure paragraph [0009], lines 1-11) 

Regarding Claim 26, Katz discloses the firewall test system of claim 25, wherein said 
test signal generator further includes: means for establishing a communications session 
through said firewall using session initiation signals, (see Katz paragraph [0026], lines 
1-4: signal generation, establish communication session, port open; paragraph [0036], 
lines 1-2; paragraph [0036], lines 6-12: software, implementation means) Katz does 
not specifically disclose said probe signals. However, McClure in the same field of 
endeavor, communications (i.e. open, close) port processing, discloses wherein prior to 
transmitting at least some of said probe signals, (see McClure paragraph [0041], lines 
11-16; paragraph [0162], lines 8-12; paragraph [0171], lines 1-4; paragraph [0172], lines 
1-4: probe signal capability, port scanning capability) 

It would have been obvious to one of ordinary skill in the art to modify Katz as 
taught by McClure to enable the capability for said probe signals. One of ordinary skill 
in the art would have been motivated to employ the teachings of McClure in order to 
enable a quantitative method to objectively compare the security of network systems, 
(see McClure paragraph [0009], lines 1-11) 

Regarding Claim 27, Katz discloses the firewall test system of claim 26, wherein said 
test signal generator includes means for synchronizing test signal generation to an 
outside clock source; and wherein said signal analyzer includes means for 
synchronizing device operation with said outside clock source, (see Katz paragraph 
[0015], lines 6-9; paragraph [0032], lines 1-12: clock (i.e. synchronization) based 
operations performed) 

10. Claims 22, 23, 28, 29 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Katz-McClure and further in view of MeLampy. 

Regarding Claim 22, Katz discloses the firewall test apparatus of claim 21, wherein 
said session signaling module includes means for increasing amounts of session signal 
traffic used to initiate and terminate communications sessions, (see Katz paragraph 
[0013], lines 5-9; paragraph [0030], lines 1-4: adjust port opening, closing) Katz does 
not specifically disclose flooding said firewall. However, MeLampy in the same field of 
endeavor, communications (i.e. open, close) port processing, discloses wherein flooding 
said firewall, (see MeLampy paragraph [0066], lines 6-8; paragraph [0127], lines 13- 
16: data flow flooding capability) 

It would have been obvious to one of ordinary skill in the art to modify Katz as 
taught by MeLampy to enable the capability to flood said firewall. One of ordinary skill 
in the art would have been motivated to employ the teachings of MeLampy in order to 
enable the efficient interoperation of a network type switch based on standards for 
networks communications interoperability, (see MeLampy paragraph [0027], lines 9-15) 

Regarding Claim 23, Katz discloses the firewall test apparatus of claim 22, wherein 
said analysis module includes: means for determining the effect of increasing amount of 
session signaling said firewall on the closing delays associated with terminating existing 
communications sessions, (see Katz paragraph [0013], lines 5-9; paragraph [0030], 
lines 1-4: adjust port opening, closing) Katz does not specifically disclose increasing 
amount of session signaling flooding. However, MeLampy discloses wherein increasing 
amount of session signaling flooding, (see MeLampy paragraph [0066], lines 6-8; 
paragraph [0127], lines 13-16: data flow flooding capability) 

It would have been obvious to one of ordinary skill in the art to modify Katz as 
taught by MeLampy to enable the capability to increase the amount of session signaling 
flooding. One of ordinary skill in the art would have been motivated to employ the 
teachings of MeLampy in order to enable the efficient interoperation of a network type 
switch based on standards for networks communications interoperability, (see 
MeLampy paragraph [0027], lines 9-15) 

Regarding Claim 28, Katz discloses the firewall test system of claim 27, wherein said 
test signal generator includes means for session signals which trigger the opening or 
the closing of ports in said firewall, (see Katz paragraph [0013], lines 5-9; paragraph 
[0030], lines 1-4: port opening, closing) Katz does not specifically disclose flooding 
said firewall with session signals. However, MeLampy in the same field of endeavor, 
communications (i.e. open, close) port processing, discloses wherein flooding said 
firewall with session signals, (see MeLampy paragraph [0066], lines 6-8; paragraph 
[0127], lines 13-16: data flow flooding capability) 

It would have been obvious to one of ordinary skill in the art to modify Katz as 
taught by MeLampy to enable the capability to flood said firewall with session signals. 
One of ordinary skill in the art would have been motivated to employ the teachings of 
MeLampy in order to enable the efficient interoperation of a network type switch based 
on standards for networks communications interoperability, (see MeLampy paragraph 
[0027], lines 9-15) 

Regarding Claim 29, Katz discloses the firewall test system of claim 28, wherein said 
test analyzer further includes: means for measuring the effect of increasing the rate of 
session signals on port closing times following the termination of a communications 
session, (see Katz paragraph [0034], lines 1-5: monitor adjustments (i.e. increasing 
rate) to ports dynamically opening, closing) 

11. Claim 24 is rejected under 35 U.S.C. 103(a) as being unpatentable over Katz- 
McClure and further in view of Bearden and further in view of MeLampy. 

Regarding Claim 24, Katz discloses the firewall test apparatus of claim 23, further 
comprising: an output device for outputting increasing amounts of session signals on 
the closing delays associated with terminating existing communications sessions, (see 
Katz paragraph [0013], lines 5-9; paragraph [0030], lines 1-4: monitor (i.e. measure) 
effect of port opening and closing for a plurality of port openings, closings) Katz does 
not specifically disclose an output device for outputting a report. However, Bearden in 
the same field of endeavor, communications (i.e. open, close) port processing, 
discloses wherein an output device for outputting a report, (see Bearden paragraph 
[0230], lines 1-10; paragraph [0231], lines 18-21; paragraph [0232], lines 1-5: visual 
display of network parameters) 

It would have been obvious to one of ordinary skill in the art to modify Katz as 
taught by Bearden to enable the capability to output a report. One of ordinary skill in the 
art would have been motivated to employ the teachings of Bearden in order to the 
capability for efficient and completeness in monitoring and analysis of the performance 
of network entities, and the integration of network measurement, analysis, and 
visualization of network performance, (see Bearden paragraph [0051], lines 1-7) 

Katz-Bearden does not specifically disclose the effect of flooding said firewall. 
However, MeLampy discloses wherein flooding said firewall, (see MeLampy paragraph 
[0066], lines 6-8; paragraph [0127], lines 13-16: data flow flooding capability) 

It would have been obvious to one of ordinary skill in the art to modify Katz- 
Bearden as taught by MeLampy to enable the capability to flood said firewall. One of 
ordinary skill in the art would have been motivated to employ the teachings of MeLampy 
in order to enable the efficient interoperation of a network type switch based on 
standards for networks communications interoperability, (see MeLampy paragraph 
[0027], lines 9-15) 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Carlton V. Johnson whose telephone number is 571- 
270-1032. The examiner can normally be reached on Monday thru Friday, 8:00 - 
5:00PM EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser Moazzami can be reached on 571-272-4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 